| Commit message (Collapse) | Author | Age |
|\
| |
| | |
systemd: mask /sys/fs/cgroup/systemd/release_agent
|
|/
|
|
|
|
|
|
| |
when running in systemd mode on cgroups v1, make sure the
/sys/fs/cgroup/systemd/release_agent is masked otherwise the container
is able to modify it and execute scripts on the host.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
Add multiple networks explanation to docs
|
| |
| |
| |
| | |
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
|
|\ \
| |/
|/| |
rootless: raise an error with --network=
|
| |
| |
| |
| |
| |
| | |
Closes: https://github.com/containers/libpod/issues/4332
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Initial dump of man pages and first menus
|
| | |
| | |
| | |
| | | |
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add documentation on options to volume create manpage
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Document the rough equivalence between our option types and the
various parts of the mount command. Amend examples a bit to cover
this.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
rootless: detect no system session with --cgroup-manager=systemd
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
if the cgroup manager is set to systemd, detect if dbus is available,
otherwise fallback to --cgroup-manager=cgroupfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Image volumes should not be mounted noexec
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This matches Docker more closely, but retains the more important
protections of nosuid/nodev.
Fixes #4318
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |_|_|/
|/| | | |
Add parsing for UID, GID in volume "o" option
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Everything else is a flag to mount, but "uid" and "gid" are not.
We need to parse them out of "o" and handle them separately.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |_|/ /
|/| | | |
add pip requirements file for rtd
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
read the docs requires a pip requirements file to build markdown files
instead of the rst format.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
stats: list all running containers unless specified otherwise
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Unless specified otherwise by --all, --latest or via arguments, list all
running containers. This matches the behaviour of Docker and is also
illustrated in the man pages where containers and options are marked to
be optional.
Fixes: #4274
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Initial checking for readthedocs
|
|/ /
| |
| |
| | |
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Add support for anonymous volumes to `podman run -v`
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, when `podman run` encountered a volume mount without
separate source and destination (e.g. `-v /run`) we would assume
that both were the same - a bind mount of `/run` on the host to
`/run` in the container. However, this does not match Docker's
behavior - in Docker, this makes an anonymous named volume that
will be mounted at `/run`.
We already have (more limited) support for these anonymous
volumes in the form of image volumes. Extend this support to
allow it to be used with user-created volumes coming in from the
`-v` flag.
This change also affects how named volumes created by the
container but given names are treated by `podman run --rm` and
`podman rm -v`. Previously, they would be removed with the
container in these cases, but this did not match Docker's
behaviour. Docker only removed anonymous volumes. With this patch
we move to that model as well; `podman run -v testvol:/test` will
not have `testvol` survive the container being removed by `podman
rm -v`.
The sum total of these changes let us turn on volume removal in
`--rm` by default.
Fixes: #4276
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Markdown Formatting Fixes
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Steven Gubler <stevegubler@protonmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
exec: remove unused var
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Show volume options in 'volume inspect'
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We need to use the new Inspect() endpoint instead of trying to
JSON the actual volume structs. Currently, the output seems
completely nonsensical; it seems like we're JSONing the struct
for the Varlink connection itself? This should restore sanity and
match the format of remote and local inspect on volumes.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We initialized the map to show them, but didn't actually copy
them in, so they weren't being displayed.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|_|/
|/| | | | | |
rootless: write storage overrides to the conf file
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
make sure the user overrides are stored in the configuration file when
first created.
Closes: https://github.com/containers/libpod/issues/2659
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
Add ability to redirect bash for run -i
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
README.md update latest version to 1.6.2
|
| |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Bump to v1.6.2
Signed-off-by: cnbattle <qiaicn@gmail.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
rootless: do not enable lingering mode
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
do not automatically enable lingering mode.
Closes: https://github.com/containers/libpod/issues/4224
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
play kube: refactor test suite
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
for berevity
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
The play kube test suite has many different cases to cover, and should only grow in coverage over time
The old design was difficult to extend, and there was lots of duplicated code.
The largest pain point was the Container struct needed to be changed often, and doing so caused changes every test case
Instead, adopt the `withOption` idiom. Now, adding a new option for customizing just involves adding a new withOption function, and changing the struct definition and initialization in one place.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \ \ \ \ \ \ \
| |_|_|_|_|_|/ / /
|/| | | | | | | | |
System tests: make sure exec pid hash w/o leaking
|
|/ / / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
podman exec leaks an exec_pid_<hash> file for every exec in tmpfs,
it's known rhbz#1731117, this case makes sure leakage issue has
been fixed.
rhbz: https://bugzilla.redhat.com/show_bug.cgi?id=1731117
Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
|
|\ \ \ \ \ \ \ \
| |_|_|/ / / / /
|/| | | / / / /
| | |_|/ / / /
| |/| | | | | |
Bump to v1.6.2
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
Finalize release notes for v1.6.2
|